Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Active Sync fails after Forms Based Auth enabled.

Posted on 2007-10-01
Medium Priority
Last Modified: 2008-01-09
Active Sync fails after Forms Based Auth enabled. I had this working properly with SSL and was able to sync mail with no problems. Now, when I use "https://servername/OMA" I get:

A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.

I also get the following errors in the App Event Viewer:

EventID: 1501
No user credentials were found in the HTTP request. To fix this problem, do the following: Verify that Anonymous access is turned off on the Outlook(R) Mobile Access virtual directory in Internet Information Services. Also, verify that the Outlook(R) Mobile Access virtual directory is set to require authentication on every request.

(I verified the above security settings)

EventID: 1501
An unknown error occurred while processing the current request:
Message: Object reference not set to an instance of an object.
Source: Microsoft.Exchange.OMA.UserInterface
Stack trace:
   at Microsoft.Exchange.OMA.UserInterface.Global.Application_PreRequestHandlerExecute(Object sender, EventArgs e)
   at System.Web.SyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

I have attemped the follow this process (Step 2) to resolve the issue with no success:

Question by:jefferybush
  • 2
  • 2
LVL 12

Expert Comment

ID: 19992045
Try the steps here to configure ActiveSync:

LVL 104

Expert Comment

ID: 19992073
When you made the changes in 817379 did you turn off FBA first?
If not then you brought across the problem.
My usual method for fixing this is here: http://www.amset.info/exchange/mobile-85010014.asp

However the error you have given is not what I would expect from FBA. That is an authentication account failure, not authentication type failure.
Ensure that anonymous is not enabled on the /oma, /exchange or /microsoft-server-activesync virtual directories in IIS manager.


Author Comment

ID: 19999734
Thanks, weareit and Sembee.

I used Sembee's process and have both OMA and OWA working without SSL. I don't want ot break this again but would like to enable SSL on ActiveSync and OWA, then apply Forms Based on OWA.

I currently have the following virtuals set to "Basic Auth Only" with nothing else selected:


The following with both Basic and Integrated Windows Auth:


I have not yet enabled HTTP Forms Based in ESM. I had all this working before I enabled FBA, then it all went to heck in a handbasket.

LVL 104

Accepted Solution

Sembee earned 1000 total points
ID: 19999878
You don't enable or disable SSL on a per directory basis. It is either on the site or it is not. The setting you think enables SSL actually enforces it, which is something different.
Enabling FBA should not break things, so I would suggest that you enable that.

/exchweb should not have basic and integrated authentication enabled, it should have anonymous ONLY enabled.

Have you tested OMA and EAS in the current configuration? The /exchange-oma directory should have integrated authentication enabled on it as well. That is why you have to do this - because FBA disabled the support for NTLM/Integrated authentication.


Author Comment

ID: 20002117
Thanks, Sembee! She's pretty much fixed up....I have another problem with an SBS 2003 OMA but I'll put that in a different post.

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
This video discusses moving either the default database or any database to a new volume.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month10 days, 2 hours left to enroll

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question